# Impact-First Vulnerability Detail (EPSS/KEV)

## Module
Web

## Status
VERIFIED

## Description
Vulnerability detail page redesigned with impact-first layout showing EPSS probability, KEV catalog status, reachability state, and blast radius before technical details.

## Implementation Details
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/vulnerabilities/`
- **Components**:
  - `claim-table` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/claim-table.component.ts`)
  - `confidence-meter` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/confidence-meter.component.ts`)
  - `policy-chips` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/policy-chips.component.ts`)
  - `replay-button` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/replay-button.component.ts`)
  - `trust-algebra` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-algebra.component.ts`)
  - `trust-vector-bars` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-vector-bars.component.ts`)
  - `vuln-triage-dashboard` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/vuln-triage-dashboard/vuln-triage-dashboard.component.ts`)
  - `vulnerability-detail` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/vulnerability-detail.component.ts`)
  - `vulnerability-explorer` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/vulnerability-explorer.component.ts`)
- **Services**:
  - `trust-algebra` (`src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-algebra.service.ts`)
- **Models**:
  - `src/Web/StellaOps.Web/src/app/features/vulnerabilities/components/trust-algebra/trust-algebra.models.ts`
- **Source**: SPRINT_20260118_007_FE_security_consolidation.md

## E2E Test Plan
- **Setup**:
  - [ ] Log in with a user that has appropriate permissions
  - [ ] Navigate to `/vulnerabilities`
  - [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
- **Core verification**:
  - [ ] Verify the component renders correctly with sample data
  - [ ] Verify interactive elements respond to user input
  - [ ] Verify data is fetched and displayed from the correct API endpoints
- **Edge cases**:
  - [ ] Verify graceful handling when backend API is unavailable (error state)
  - [ ] Verify responsive layout at different viewport sizes
  - [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)

## Verification
- Run: `docs/qa/feature-checks/runs/web/impact-first-vulnerability-detail/run-001/`
- Tier 0 (source): pass (`tier0-source-check.json`)
- Tier 1 (build/tests): pass (`tier1-build-check.json`)
- Tier 2 (behavior): pass (`tier2-e2e-check.json`)
- Verified on (UTC): 2026-02-11T07:02:25Z